]> git.ipfire.org Git - thirdparty/apache/httpd.git/commit
CVE-2014-0098 (reported by Rainer Canavan <rainer-apache 7val com>)
authorWilliam A. Rowe Jr <wrowe@apache.org>
Fri, 7 Mar 2014 20:56:24 +0000 (20:56 +0000)
committerWilliam A. Rowe Jr <wrowe@apache.org>
Fri, 7 Mar 2014 20:56:24 +0000 (20:56 +0000)
commit8255e22e35392afd4152a80253236c2d5096201a
treeb5e95bde065676d76a269177151fcb7f98d9ebb9
parentcda114a3c19c8f1f525eee7764818fea5a4a7c97
CVE-2014-0098 (reported by Rainer Canavan <rainer-apache 7val com>)
Segfaults w/ truncated cookie logging.

Clean up the cookie logging parser to recognize only the cookie=value pairs,
not valueless cookies.  This refactors multiple passes over the same string
buffer into a single pass parser.

Submitted by: wrowe
Reviewed by: rpluem, jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1575400 13f79535-47bb-0310-9956-ffa450edef68
CHANGES
modules/loggers/mod_log_config.c